IN THE CLAIMS : 



1 . (Previously presented) A method for managing multiple user identities for a user 
of an electronic commerce (e-commerce) site, the method comprising: 

defining the e-commerce site as a plurality of security domains; and 

in response to a user's request to invoke an operation of the e-commerce site: 

determining a security domain of the plurality of security domains to 
which the operation relates; 

selecting a session from a plurality of sessions persisted for the user based 
on the determined security domain; and 

reusing the selected session for the user automatically in accordance with 
the determined security domain, the selected session being 
associated with a user identity and a role, the user identity and the 
role together indicating privileges for invoking operations of the e- 
commerce site in the determined security domain. 

2. (Previously presented) The method of claim 1 comprising invoking the requested 
operation with the user identity and the role of the selected session. 

3. (Previously presented) The method of claim 2 wherein the selected session 
comprises information indicating at least one of: the user preference's for invoking 
operations at the e-commerce site; the user's preferences for invoking operations at least 
for the determined security domain; and a security signature for authenticating the 
selected session information. 

4. (Previously presented) The method of claim 1 comprising evaluating the 
requested operation to determine an operation type and wherein the step of reusing is 
performed in accordance with the operation type. 

5. (Canceled) 
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6. (Previously presented) The method of claim 4 wherein the user identity is 
associated with an identity type for permitting the invocation of operations; wherein the 
method comprises receiving the user's request in association with the plurality of sessions 
persisted for the user and retrieving the user identity for the determined security domain 
from the plurality of sessions; and wherein the step of reusing is performed in response to 
the identity type of the retrieved user identity. 

7. (Previously presented) The method of claim 1 wherein the step of selecting 
comprises providing one or more cookies defining the selected session to the user for 
associating with a subsequent request. 

8. (Previously presented) The method of claim 7 wherein the cookies comprise an 
authentication cookie and a session cookie; and wherein the method comprises 
authenticating the user's request. 

9. (Previously presented) The method of claim 1 comprising: 

defining each of the plurality of security domains as a hierarchy of organizations 
and assets owned by the organizations; and 

wherein the step of determining the security domain of the plurality of security 
domains to which the operation relates comprises evaluating the user's request in 
accordance with the hierarchy. 

10. (Previously presented) A computer readable medium tangibly embodying 
computer executable code for managing multiple user identities for a user of an electronic 
commerce (e-commerce) site defined using the plurality of security domains, wherein the 
computer executable code, when executed on a computing device, causes the computing 
device to: 

in response to a user's request to invoke an operation of the e-commerce site: 
determining a security domain of the plurality of security domains to 
which the operation relates; 
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selecting a session from a plurality of sessions persisted for the user based 
on the determined security domain; and 

reusing the selected session for the user automatically in accordance with 
the determined security domain, the selected session being 
associated with a user identity and a role, the user identity and the 
role together indicating privileges for invoking operations of the e- 
commerce site in the determined security domain. 

1 1 . (Previously presented) The computer readable medium of claim 1 0 comprising 
code for invoking the requested operation with the user identity and the role of the 
selected session. 

12. (Previously presented) The computer readable medium of claim 1 1 wherein the 
selected session comprises information indicating at least one of: the user preference's for 
invoking operations at the e-commerce site; the user's preferences for invoking operations 
at least for the determined security domain; and a security signature for authenticating the 
selected session information. 

13. (Previously presented) The computer readable medium of claim 10 comprising 
code for evaluating the requested operation to determine an operation type and wherein 
the code for reusing is adapted to be performed in accordance with the operation type. 

14. (Canceled) 

15. (Previously presented) The computer readable medium of claim 13 wherein the 
user identity is associated with an identity type for permitting the invocation of 
operations; wherein the computer program product comprises code for receiving the 
user's request in association with plurality of sessions persisted for the user and retrieving 
the user identity for the determined security domain from the plurality of sessions; and 
wherein the code for reusing is adapted to be performed in response to the identity type of 
the retrieved user identity. 



Page 4 of 10 
Chan etal.- 10/727,322 



16. (Previously presented) The computer readable medium of claim 10 wherein the 
code for reusing comprises code for providing one or more cookies defining the selected 
session to the user for associating with a subsequent request. 

17. (Previously presented) The computer readable medium of claim 16 wherein the 
cookies comprise an authentication cookie and a session cookie; and wherein the 
computer program product comprises code for authenticating the user's request. 

18. (Previously presented) The computer readable medium of claim 10 comprising 
code for: 

defining each of the plurality of security domains as a hierarchy of organizations 
and assets owned by the organizations; and 

wherein the code for determining the security domain of the plurality of security 
domains to which the operation relates is adapted to evaluate the user's request in 
accordance with the hierarchy. 

19. (Previously presented) A system for managing multiple user identities for a user 
of an electronic commerce (e-commerce) site defined using a plurality of security 
domains, the system comprising: 

an identity manager component configured to, in response to a user's request to 
invoke an operation of the e-commerce site: 

determine a security domain of the plurality of security domains to which 

the operation relates; 
select a session from a plurality of sessions persisted for the user based on 

the determined security domain; and 
reuse the selected session for the user automatically in accordance with the 
determined security domain, the selected session being associated with a user 
identity and a role, the user identity and the role together indicating privileges for 
invoking operations of the e-commerce site in the determined security domain. 
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20. (Previously presented) The system of claim 19 wherein the identity manager 
component is adapted to invoke the requested operation with the user identity and the role 
of the selected session. 

21 . (Previously presented) The system of claim 20 wherein the selected session 
comprises information indicating at least one of: the user preference's for invoking 
operations at the e-commerce site; the user's preferences for invoking operations at least 
for the determined security domain; and a security signature for authenticating the 
selected session information. 

22. (Previously presented) The system of claim 19 wherein the identity manager 
component is configured to evaluate the requested operation to determine an operation 
type and adapted to reuse the selected session in accordance with the operation type. 

23. (Canceled) 

24. (Previously presented) The system of claim 22 wherein the user identity is 
associated with an identity type for permitting the invocation of operations; wherein the 
identity manager component is adapted to receive the user's request in association with 
the plurality of sessions persisted for the user and retrieve the user identity for the 
determined security domain from the plurality of sessions; and wherein the identity 
manager component is adapted to reuse the selected session in response to the identity 
type of the retrieved user identity. 

25. (Previously presented) The system of claim 1 9 wherein to select the selected 
session the identity manager component provides one or more cookies defining the 
selected session to the user for associating with a subsequent request. 

26. (Previously presented) The system of claim 25 wherein the cookies comprise an 
authentication cookie and a session cookie; and wherein the identity manager component 
authenticates the user's request. 
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27. (Previously presented) The system of claim 19 wherein the e-commerce site 
defines each of the plurality of security domains as a hierarchy of organizations and 
assets owned by the organizations; and wherein the identity manager component is 
adapted to determine the security domain of the plurality of security domains to which 
the operation relates by evaluating the user's request in accordance with the hierarchy. 
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